<?php

  /*getting their username and password*/
$user = $_POST["username"];
$pass = $_POST["password"];
   
  /*connecting to the database*/
$conn = mysql_connect('studentdb.gl.umbc.edu', 'chrimo1', 'chrimo1');
if (!$conn) {
   die('Could not connect');
}

$db_selected = mysql_select_db('chrimo1', $conn);
if (!$db_selected) {
   die ('Can\'t use chrimo1');
}
  else{      //this else corresponds to the previous if, which is  fail condition, so this means it worked
    /*
    check for validity either let them in, or tell them it failed
    */
  $sql = "SELECT username, passwd FROM customerInfo WHERE username = '$user' AND passwd = '$pass'";
$result = mysql_query($sql, $conn);
$validity = mysql_fetch_array($result);
$u = $validity['username'];
    /*it failed*/
if($u == ""){
  /*redirection from logout*/
   if($_GET['logout'] == 1){
     setcookie("user", "", time()-3600);
     header('Location: login.html');
   }      /*end redirection, restart fail condition*/
   echo '<body style="background-color:black">';
   echo "<center><font color='gold' size=48><br />ERROR!<br />Your username and password do not match, click below to try again";
   echo "<center><a href='login.html'> <font size=48>Try Again</font></a></center>";
  
}
    /*it worked*/
else{
   if($_GET['logout'] == 1){
      setcookie("user", "", time()-3600);
   }
   $newSql = "SELECT custIdNum, name, shippingAddress FROM customerInfo WHERE username = '$user' AND passwd = '$pass'";
   $resultant = mysql_query($newSql);
   $info = mysql_fetch_array($resultant);
   $id = $info['custIdNum'];
   $name = $info['name'];
   $shipping = $info['shippingAddress'];
  
   
  setcookie("user", $user, time()+3600);       //set the cookie for use in customer page
  /*formatting*/
   echo '<body style="background-color:black">';
echo "<center><img src='images/Title.png'></center><br />";
 echo "<center><br /> <img src=http:'images/Login_success.PNG'></center><br />";
   echo "<center><a href='index.php'> <img src='images/Continue.PNG'></a></center>";
}
}
?>
